Since started to work with AWS I sometimes hit the same problems more than one time 😉 One of those happen was when working with AWS Cognito – just needed to authenticate and get token – or just verify the user 😉 using command line. I honestly did not want to be bothered with any complexity to get simple tokens which I planned to use in accessing other systems etc.
For this purposes I have created simple CLI ( right now with just 2 methods ) to help me out in those situations. Usage is extremely simple you just need to have your AWS profile configured and have details of your AppClient from your user pool.
Authenticate
> [SHELL] RafPe $ go-cognito-authy --profile cloudy --region eu-central-1 auth --username rafpe --password 'Password.0ne!' --clientID 2jxxxiuui123 { AuthenticationResult: { AccessToken: "eyJraWQiOiJ0QXVBNmxtNngrYkxoSmZ", ExpiresIn: 3600, IdToken: "eyJraWQiOiJ0bHF2UElTV0pn", RefreshToken: "eyJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R-TpkR_uompG7fyajYeFvn-rJVC_tDO4pB3", TokenType: "Bearer" }, ChallengeParameters: {} }
which in return should give you response with tokens needed further in your adventures with AWS…. but if you would have user in state that a password needs to be changed 😉 ….
> [INSERT] RafPe $ go-cognito-authy --profile cloudy --region eu-central-1 auth --username rafpe --password 'Password.0ne!' --clientID 2jxxxiuui123 { ChallengeName: "NEW_PASSWORD_REQUIRED", ChallengeParameters: { requiredAttributes: "[]", userAttributes: "{\"email_verified\":\"true\",\"email\":\"[email protected]\"}", USER_ID_FOR_SRP: "rafpe" }, Session: "bCqSkLeoJR_ys...." }
Administratively set new pass
With the session above and known challenge for new pass you can use it to set desired password
> [INSERT] RafPe $ go-cognito-authy --profile cloudy -region eu-central-1 admin reset-pass --username rafpe --pass-new 'Password.0ne2!' --clientID 2jxxxiuui123 --userPoolID eu-central-1_CWNnTiR0j --session "bCqSkLeoJR_ys...."
and voilla 😉 we can now continue playing with tokens
Patches welcome
The whole solution is available on Github https://github.com/RafPe/go-cognito-authy/tree/master and if you are missing something please create a PR 😉